vulnerability
Splunk CVE-2024-36994: Persistent Cross-site Scripting (XSS) in Dashboard Elements
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:S/C:P/I:P/A:N) | 2024-07-01 | 2025-04-07 | 2025-04-22 |
Severity
5
CVSS
(AV:N/AC:L/Au:S/C:P/I:P/A:N)
Published
2024-07-01
Added
2025-04-07
Modified
2025-04-22
Description
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the “admin” or “power” Splunk roles could craft a malicious payload through a View and Splunk Web Bulletin Messages that could result in execution of unauthorized JavaScript code in the browser of a user.The “ping” URL attribute and the “url” parameter do not properly validate user input. The attribute and parameter are not properly escaped, which could lead to the Stored Cross-site Scripting (XSS) exploit.
Solution
splunk-upgrade-latest
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.